Edit Firewall Rule: Network Service

A network service is a collection of protocols and port numbers that devices use to communicate over the Internet and local networks. . For example, the traffic that goes through an HTTP server uses TCP local ports 80 and 443. You can define multiple protocols. For example, a rule might include the ICMP, IP and TCP protocols. The rule describes multiple types of connections that may occur between the identified client computers, or used by an application.
You define the service based on its protocol, port, and the traffic direction.
Add ports or port ranges. When you add multiple TCP/UDP ports or protocol types, make sure that you put a comma between them.
When you define TCP-based or UDP-based service triggers, you identify the ports on both sides of the described network connection. Traditionally, ports are referred to as being either the source or the destination of a network connection.
Add a protocol number (IP type).
Examples: Type 1 = ICMP, Type 6 = TCP, Type 17 = UDP
Add an Ethernet frame type.
Ethernet is a set of network-related technologies that cover the physical layer and network topology that the IEEE 802.3 standards define.
Examples: Type 0x0800 = IPv4, Type = 0x8BDD = IPv6, Type 0x8137 = IPX
TCP and UDP protocol settings
The source port and destination port are dependent on the direction of traffic. In one case the local client computer might own the source port, whereas in another case the remote computer might own the source port.
  • Source Port
    : Port where the packet comes from. For inbound traffic, the source is the remote port. For outbound traffic, the source is the local port.
  • Destination Port
    : Port where the packet goes to. For inbound traffic, the destination is the local port. For outbound traffic, the destination is the remote port.
For example, when the client device connects to a remote desktop, the traffic is outbound, the source port is random, and the destination port is TCP 3389. If another device connects to the client as a remote desktop, then the traffic is inbound but the source ports and destination ports stay the same. The source port is still random and the destination is 3389 on TCP.
The local host computer always owns the local port, and the remote computer always owns the remote port. This expression of the port relationship is independent of the direction of traffic. For example, when the client computer connects to a remote desktop, the remote port is TCP 3389. The local port is the same, for both inbound and outbound traffic.
  • Local Port
    : Client computer
  • Remote Port
    : Computer that communicates with the client computer
If you do not select a port number, then all the ports trigger the rule. If you enter a port number for the local port, but not for the remote port, then the local port that you entered and all the remote ports trigger the rule.
Packet Direction
Specifies the traffic direction between the client and the network:
  • Both
    Traffic goes in both directions between the client and the network.
  • Incoming
    Traffic goes from the network to the client.
  • Outgoing
    Traffic goes from the client to the network.
ICMP, IP, and Ethernet protocol options
Protocol type
Controls the messages that report the errors in traffic communication, such as Echo Reply.
  • ICMP Type
    Lists the protocols' ISO numeric designators.
  • ICMP Code
    The code fields for the ICMP type.
  • Protocol Type
    The IP protocol numbers that are used in the protocol field of IPv4 packets and the header field of IPv6 packets.
  • Apply to fragmented packets only
    The IP packets can be broken into smaller packets for the network segments that can only handle smaller packets. Use this option to keep the firewall from blocking the incomplete packets.
Ethernet protocols are the group of LANs that the IEEE 802.3 covers.
Protocol Direction
: The traffic between the network and the client. Traffic from the network to the client is inbound and traffic from the client to the network is outbound.